We had planned not to write about the news this month that porn is attracting users and hackers. In the end, we couldn’t stick to that because there were three attacks targeting people interested in pictures of scantily clad ladies. The recipe was always the same – along with downloading the promised images and videos, the malware was also introduced to the machine to steal our online banking data.
Attackers have managed to steal 47 GB of data from University of Graz computers, possibly by obtaining and using the login details of the Vice-Chancellor. The data includes personal details of teachers and students and exam results.
The financial department of a US healthcare institution was broken into, and the thieves made off with several valuable computers. The computers are valuable mainly for the data they contain: one of them was used to store the personal data of 200,000 patients. Nearly 2,000 people also had data recorded that is easy to misuse: bank card information and social security numbers.
It hasn’t been a good deal to be a MacKeeper-user lately after a technical glitch at the service provider caused almost all of its users’ data to be publicly available on the internet. Users’ names, passwords, activation codes, and phone numbers were also leaked – fortunately, at least credit card details were safe this time.
Apple’s system is supposed to be protected against unauthorized intrusions by security software called Gatekeeper, but there have been times in history when this protection has been bypassed. And now it’s happening again: a researcher has discovered that Gatekeeper uses simple statistical analysis to determine whether an app is secure. Knowing this, it’s easy to write code that slips through the cracks.
LastPass, the most popular of the SSO (simple sign-on) systems, has not escaped its fate after a phishing attack attempt allowed as yet unknown attackers to gain access to user data. The data was obtained by popping up a window on some websites confirming LastPass login details. Of course, all this requires stupidity on the part of the users, but we have seen that this can rely on many times …
As we reported earlier, more than 1 billion users’ data was stolen from Yahoo’s servers by strangers in 2013. In addition, Yahoo mishandled the case, only disclosing the data leak years later. However, it seems that the management does not learn from its mistakes. It has now emerged that in 2014, too, a massive amount of 500 million records fell into unauthorized hands. Further details are not yet known.